aa-notify: Make --local commandline option override use_local_profiles

If both the --local commandline option and use_local_profiles
configuration are specified, the commandline now takes precedence.

Signed-off-by: Maxime Bélair <maxime.belair@canonical.com>

utils/aa-notify

@@ -850,7 +850,7 @@ def main():
     parser.add_argument('-w', '--wait', type=int, metavar=('NUM'), help=_('wait NUM seconds before displaying notifications (with -p)'))
     parser.add_argument('-m', '--merge-notifications', action='store_true', help=_('Merge notification for improved readability (with -p)'))
     parser.add_argument('-F', '--foreground', action='store_true', help=_('Do not fork to the background'))
-    parser.add_argument('-L', '--local', nargs='?', const='yes', default='auto', choices=['yes', 'no', 'auto'], help=_('Add to local profile'))
+    parser.add_argument('-L', '--local', nargs='?', const='yes', choices=['yes', 'no', 'auto'], help=_('Add to local profile'))
     parser.add_argument('--prompt-filter', type=str, metavar=('PF'), help=_('kind of operations which display a popup prompt'))
     parser.add_argument('--debug', action='store_true', help=_('debug mode'))
     parser.add_argument('--configdir', type=str, help=argparse.SUPPRESS)
@@ -1072,15 +1072,19 @@ def main():
         keys_to_aggregate = config['']['keys_to_aggregate'].strip().split(',')
     else:
         keys_to_aggregate = {'operation', 'class', 'name', 'denied', 'target'}
-    if 'use_local_profiles' in config['']:
+
-        if config['']['use_local_profiles'] in {'auto', 'yes', 'no'}:
+    if not args.local:
-            args.local = config['']['use_local_profiles']
+        if 'use_local_profiles' in config['']:
-        elif config['']['use_local_profiles'] is None:
+            if config['']['use_local_profiles'] in {'auto', 'yes', 'no'}:
-            args.local = 'yes'
+                args.local = config['']['use_local_profiles']
+            elif config['']['use_local_profiles'] is None:
+                args.local = 'yes'
+            else:
+                sys.exit(_('ERROR: using an invalid value for use_local_profiles in config {}\nSupported values: {}').format(
+                    config['']['use_local_profiles'], ', '.join({'yes', 'auto', 'no'})
+                ))
         else:
-            sys.exit(_('ERROR: using an invalid value for use_local_profiles in config {}\nSupported values: {}').format(
+            args.local = 'auto'
-                config['']['use_local_profiles'], ', '.join({'yes', 'auto', 'no'})
-            ))
 
     if args.file:
         logfile = args.file

utils/aa-notify.pod

@@ -106,8 +106,8 @@ System-wide configuration for B<aa-notify> is done via
   # Binaries for which we ignore userns-related capability denials
   ignore_denied_capability="sudo,su"
 
-  # Write change to local profiles if enabled to preserve regular profiles and simplify upgrades
+  # Write change to local profiles if enabled to preserve regular profiles and simplify upgrades (yes, no, auto)
-  use_local_profiles
+  use_local_profiles="yes"
 
   # OPTIONAL - kind of operations which display a popup prompt.
   prompt_filter="userns"